More than 360 million stolen credentials available on the black market

Security firm Hold Security discovered more than 360 million newly stolen credentials and around 1.25 billion email addresses for sale on the black market.

Hold Security has discovered a huge volume of data for sale on the online black market, including credentials from more than 360 million accounts and around 1.25 billion email addresses. Just a couple of weeks ago, Hold Security reported that it had discovered a list of credentials for close to 7,800 FTP servers being circulated in cybercrime forums in the Deep Web.

One striking case is that of a single hacker who has stolen more than 105 million records, probably the largest data breach to date.

“These credentials can be stolen directly from your company but also from services in which you and your employees entrust data. In October 2013, Hold Security identified the biggest ever public disclosure of 153 million stolen credentials from Adobe Systems. One month later we identified another large breach of 42 million credentials from Cupid Media,” a spokesman for the security firm declared.

The hackers have archived hundreds of millions of credentials over the first 3 weeks of February. Hold Security first discovered a batch of over 300 million credentials that had not yet been publicly disclosed, but the total number of abused credentials available on the black market is over 450 million when data related to the Adobe data breach is also counted. Details of 2.9 million people across the globe were stolen in a highly sophisticated cyber attack against Adobe systems.

Adobe’s security team announced recently that the attackers accessed Adobe customer IDs and encrypted passwords on its systems and removed information, including customer names, encrypted credit or debit card numbers, expiration dates and customer orders.

“But this month we exceeded all expectations. In the first three weeks of February we identified nearly 360 million stolen and abused credentials and 1.25 billion records containing only email addresses. These mind-boggling numbers are not meant to scare you and they are a product of multiple breaches which we are independently investigating. This is a call to action.” “The sheer volume is overwhelming,” said Alex Holden, chief information security officer of Hold Security.

It is not yet known exactly where these credentials were stolen from, but the security researchers estimate that they are the result of multiple breaches. Of course, each type of account credential fetches a different price on the black market; banking credentials and business accounts are highly valued commodities.

Last year Brian Krebs published an analysis of price lists for stolen accounts on various hacking forums:

  • iTunes account for $8
  • Fedex.com, Continental.com and United.com accounts for $6
  • Groupon.com for $5
  • Hosting provider Godaddy.com for $4
  • Wireless providers Att.com, Sprint.com, Verizonwireless.com and Tmobile.com for $4
  • Facebook and Twitter for $2.50

Experts at Hold Security haven’t revealed the source of the stolen data, nor the strategy the hackers used to collect such a huge quantity of data, but they confirmed that the email addresses came from all major providers including Google, Microsoft and Yahoo. The stolen information also belongs to numerous non-profit organizations and almost all Fortune 500 companies.

“E-mail addresses in the credentials are from all major services, including Gmail and Yahoo, and almost all Fortune 500 companies and nonprofit organizations,” said Alex Holden.

The discovery of this data on the black market represents a serious risk for users of popular web services and for enterprises: the credentials could be abused for further attacks against online bank accounts, corporate networks and other institutions.

Stolen data is fueling a growing underground economy. If you believe that your email account has no value, you’re wrong!

Pierluigi Paganini

(Security Affairs –  Black market, Hold Security)
